In computer systems, particularly mainframe computer systems, security policies are employed to control access to system data and resources by various users. The policies are often decreed at a high level in an organization, for example by a chief system administrator or chief security officer, in order to control system access at lower levels. Implementation of the general policies is commonly the responsibility of local administrators.
Implementation of general security policies involves the use of security management software that resides on the computer system. Such software tools are commonly referred to as “external security manager” software, or “resident security products”. The security management software tools are programmed based on security descriptions, for example in the form of records, rules, rule sets, attributes or profiles (hereinafter referred to as security “profiles”), which represent a translation of the security policy into an encoded form that is recognized by the tools. The security profiles are commonly programmed by a local administrator, for example an administrator of a mainframe computer system. Common examples of contemporary security management tools include RACF and ACF2.
All aspects of system security are controlled according to the programming of the security profiles. For example, user access rights, user account names and passwords, rules related to user authorization, data resource access, and the like are all implemented and controlled by the security management tools according to the programmed security profiles. However, responsibility for the security profiles, including programming of new security profiles and modification and deletion of existing security profiles, rests entirely with the local administrator. For this reason, there is no way to be certain that the security profiles the local administrator implements on the system comply with the general policy. Any negligent or intentional failure by the local administrator to comply with the general policy could lead to a breach in security.